Financial services firm J.P. Morgan Chase is investigating claims by a Washington D.C.-based workers union that it dumped documents containing personal financial data belonging to its customers in garbage bags outside five branch offices in New York.

Separately, it is also sending out letters to tens of thousands of Chicago-area customers and some employees about the potential compromise of their account information after a tape containing the data was reported missing.

The Service Employees International Union (SEIU), an organization claiming over 1.8 million members countrywide, has posted a video on YouTube that supposedly shows documents containing account data -- including full customer names, addresses and Social Security numbers -- being discovered in trash bags outside the bank branches in and around New York city.

Among the documents the video purports to show being recovered from the garbage bags are a loan application with the borrower's name, address and Social Security number, a checking account profile with similar details, a partially ripped account summary with personal data and a business credit application. The video ends with a message urging viewers to call Tom Kelly, the bank's head of media relations for Retail Financial Services and the U.S. Region.

JP Morgan and SEIU are currently locked in a labor dispute involving the hiring of security guards.

Kelly said that Chase is investigating the claims made by the SEIU in the YouTube video. According to Kelly, the standard procedure for disposing of financial documents at Chase branch locations is to put them into a large padlocked bin with an opening on top for inserting the documents. The papers are then later recovered from the bins and shredded. He added that the bins are not placed outside the facility.

"We don't know what happened here, we are trying to find out," he said. "We had a conference call with all of our branch managers and reiterated what our policies and procedures are" for document disposal.

The bank has also contacted SEIU's attorney and asked the group to share the customer information it claims to have recovered from the branch locations, Kelly said. "If those customers are at risk, we want to contact them," he said, adding that so far the bank has not heard back from the SEIU. "It is not clear that customer privacy was their first priority in this."

For more enterprise computing news, visit Computerworld. Story copyright Computerworld, Inc.

Whitepapers

• The Trend from UNIX to Linux in SAP(r) Data Centers
• Getting in Compliance With Government Data Regulations By Leveraging Online Security Technology
• How to Offer the Strongest SSL Encryption
• Maximizing Site Visitor Trust Using Extended Validation SSL
• Seven Steps to Reducing your Security Risk
• The Latest Advancements in SSL Technology

View more SECURITY whitepapers

Webcasts

• The Secure Web Gateway. Mission Critical For Business - Webcast
• Mobile Data Security
• Best Practices for Deploying WAN Optimization for Disaster Recovery
• Key Considerations for a Successful 802.11n Deployment
• Solutions to the Toughest IT Challenges in Remote Offices
• Lowering the Cost of Email Archives

View more SECURITY webcasts

Special Reports

• The Evolution of Network Security
• Taking Virtualization Up a Notch
• The self-managed network

View more SECURITY special reports